Message authentication

US 7,213,149 B2
Filed: 12/01/2000
Issued: 05/01/2007
Est. Priority Date: 12/02/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method for the authenticated transmission of messages, comprising the following communication setup steps:

generating a login key by a keyed-hashing method on the basis of random data, temporal validity information, and a private key;

transmitting the login key from an originator to a destination; and

verifying the authenticity and the temporal validity of the login key on the basis of the keyed hashing digest on the destination side; and

comprising the following acknowledgement steps;

generating an acknowledgement by a keyed-hashing method on the basis of second random data and the private key, wherein the acknowledgement key includes a time stamp;

transmitting the acknowledgement key from the destination to the originator; and

verifying the acknowledgement key by the originator, including checking the acknowledgement key on the basis of the time stamp and the previously stored temporal validity information whether the acknowledgement key is still valid,wherein the keyed-hashing technique uses random data that is stored by the destination in a table during the temporal validity of the login key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

For the authentication of messages communicated in a distributed system from an originator to a destination a keyed-hashing technique is used according to which data to be authenticated is concatenated with a private (secret) key and then processed to the cryptographic hash function. The data are transmitted together with the digest of the hash function from the originator to the destination. The data comprises temporal validity information representing the temporal validity of the data. For example the setup key of a communication is therefore only valid within a given time interval that is dynamically defined by the communication originator. After the time interval is exceeded the setup key is invalid and cannot be reused again.

Citations

7 Claims

1. A method for the authenticated transmission of messages, comprising the following communication setup steps:
- generating a login key by a keyed-hashing method on the basis of random data, temporal validity information, and a private key;
  
  transmitting the login key from an originator to a destination; and
  
  verifying the authenticity and the temporal validity of the login key on the basis of the keyed hashing digest on the destination side; and
  
  comprising the following acknowledgement steps;
  
  generating an acknowledgement by a keyed-hashing method on the basis of second random data and the private key, wherein the acknowledgement key includes a time stamp;
  
  transmitting the acknowledgement key from the destination to the originator; and
  
  verifying the acknowledgement key by the originator, including checking the acknowledgement key on the basis of the time stamp and the previously stored temporal validity information whether the acknowledgement key is still valid,wherein the keyed-hashing technique uses random data that is stored by the destination in a table during the temporal validity of the login key.
- View Dependent Claims (2, 3, 4, 6, 7)
- - 2. The method according to claim 1, further comprising the following message transmission steps:
    - in case the verification of the acknowledgment key is positive,extracting the second random data from the acknowledgment key,generating a message by a keyed-hashing method on the basis of the second random data, message data, and the private key,transmitting the message from the originator to the destination, andverifying the message by the destination.
  - 3. The method according to claim 2, whereinthe message comprises a time stamp, andthe step of verifying the message includes checking on the time stamp of the message and the temporal validity information to determine whether the message is still valid.
  - 4. A storage medium storing a software program product,the software program product implements, when loaded into a computing device of a distributed system, the method according to claim 1.
  - 6. The distributed system according to claim 1, whereinthe originator is configured to extract the second random data from the acknowledgment key in case the verification of the acknowledgment key is positive, generate a message by a keyed-hashing method on the basis of the second random data, message data and the private key, and transmit the message to the destination, andthe destination is configured to verify the message.
  - 7. A distributed system according to claim 6, whereinthe message comprises a time stamp, andthe destination checks, when verifying the message, on the time stamp of the message and the temporal validity information to determine whether the message is still valid.

5. The distributed system for the authenticated transmission of messages, comprising:
- an originator designed to generate a login key by a keyed-hashing method on the basis of random data, temporal validity information and a private key, wherein the login key includes a key hashing digest; and
  
  a network for transmitting the login key from the originator to a destination, wherein the destination is designed to verify the authenticity and the temporal validity of the login key on the basis of the keyed hashing digest;
  
  wherein the destination is designed to generate an acknowledgement key by a keyed-hashing method on the basis of second random data and the private key and to transmit the acknowledgement key to the originator and the acknowledgement key includes a time stamp;
  
  the originator is designed to verify the acknowledgement key, including checking on the basis of the time stamp and the previously stored temporal validity information whether the acknowledgement key is still valid; and
  
  the keyed hashing technique uses random data that is stored by the destination in a table during the temporal validity of the login key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Deutschland GmbH (Sony Group Corp.)
Original Assignee
Sony Deutschland GmbH (Sony Group Corp.)
Inventors
Mache, Niels
Primary Examiner(s)
Sheikh; Ayaz
Assistant Examiner(s)
Abrishamkar; Kaveh

Application Number

US09/728,800
Publication Number

US 20010002929A1
Time in Patent Office

2,342 Days
Field of Search

713/170, 713/178, 713/171, 380/259, 380/281, 380/284, 380/283
US Class Current

713/170
CPC Class Codes

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/126   the source of the received ...

H04L 9/3242   involving keyed hash functi...

H04L 9/3297   involving time stamps, e.g....

Message authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

Message authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links